//package com.demo.security;
//
//import java.io.IOException;
//
//import javax.servlet.ServletException;
//import javax.servlet.http.HttpServletRequest;
//import javax.servlet.http.HttpServletResponse;
//import javax.sql.DataSource;
//
//import org.springframework.beans.factory.annotation.Autowired;
//import org.springframework.context.annotation.Configuration;
//import org.springframework.core.annotation.Order;
//import org.springframework.security.authentication.encoding.Md5PasswordEncoder;
//import org.springframework.security.config.annotation.authentication.builders.AuthenticationManagerBuilder;
//import org.springframework.security.config.annotation.web.builders.HttpSecurity;
//import org.springframework.security.config.annotation.web.configuration.EnableWebSecurity;
//import org.springframework.security.config.annotation.web.configuration.WebSecurityConfigurerAdapter;
//import org.springframework.security.config.annotation.web.servlet.configuration.EnableWebMvcSecurity;
//import org.springframework.security.core.Authentication;
////import org.springframework.security.crypto.bcrypt.BCryptPasswordEncoder;
//import org.springframework.security.web.authentication.SavedRequestAwareAuthenticationSuccessHandler;
//
//import com.demo.domain.Admin;
//import com.demo.domain.User;
//import com.demo.service.AdminService;
//
///**
// * 安全配置文件，主要是重写默认的认证方式和访问目录权限
// * 
// * @author jiekechoo
// *
// */
//@Configuration
//@EnableWebSecurity
//@EnableWebMvcSecurity
//public class SecurityConfig extends WebSecurityConfigurerAdapter {
//
//	@Autowired
//	DataSource dataSource;
//	@Autowired
//	AdminService adminService;
//
//	/**
//	 * 使用jdbc认证方式，密码采用md5加密，salt 10
//	 */
//	@Autowired
//	public void configureGlobal(AuthenticationManagerBuilder auth)
//			throws Exception {
//		auth.jdbcAuthentication().dataSource(dataSource)
////				.passwordEncoder(new BCryptPasswordEncoder(10));
//				.passwordEncoder(new Md5PasswordEncoder());
//
//	}
//
//	@Configuration
//	@Order(1)
//	public static class ApiWebSecurityConfigurationAdapter extends
//			WebSecurityConfigurerAdapter {
//		protected void configure(HttpSecurity http) throws Exception {
//			http.antMatcher("/api/i/**").authorizeRequests().anyRequest()
//					.hasRole("USER").and().httpBasic();
//		}
//	}
//
//	@Configuration
//	@Order(2)
//	public static class FormLoginWebSecurityConfigurerAdapter extends
//			WebSecurityConfigurerAdapter {
//
//		@Override
//		protected void configure(HttpSecurity http) throws Exception {
//			http.authorizeRequests()
//					.antMatchers("/api/create", "/", "/assets/**", "/plugins/**",
//							"/bootstrap/**", "/api-docs/**", "/debug/**", "/api/**","/test/**","/vsd/**","/mobile","/static/**","/manager/**")
//					.permitAll()
////					.antMatchers("/admin/**").hasRole("ADMIN")
//					.anyRequest().authenticated().and().formLogin()
//					.loginPage("/manager/login").successHandler(loginsuccess())
//					.permitAll().and().logout().permitAll()
//					.and().csrf().disable();
//		}
//		
//	}
//	
//	public  static LoginSuccessHandler loginsuccess(){
//		return new LoginSuccessHandler(); 
//	}
//	
//	/**
//	 * login success handler
//	 * @author Administrator
//	 *
//	 */
//	public static class LoginSuccessHandler extends SavedRequestAwareAuthenticationSuccessHandler{
//
//		@Override
//		public void onAuthenticationSuccess(HttpServletRequest request,
//				HttpServletResponse response, Authentication authentication)
//				throws ServletException, IOException {
//			// TODO Auto-generated method stub
//			
//			Object loginUser = authentication.getPrincipal();
//			if(loginUser instanceof User){//普通用户登录
//				
//			}else if(loginUser instanceof Admin){
//				System.out.println("admin --- login");
//				Admin admin = (Admin) loginUser;
//				
//			}
//			super.onAuthenticationSuccess(request, response, authentication);
//		}
//		
//	}
//	
//}
